Add support for authentication via @cryb/auth

Author: darnfish

.env.example

@@ -17,6 +17,9 @@ APERTURE_WS_URL=ws://localhost:9001
 # This should be the same secure key in @cryb/aperture/.env under 'APERTURE_KEY'
 APERTURE_WS_KEY=api-aperture-key
 
+# Optional: the base URL of @cryb/auth. This service usually runs on port 4500
+# AUTH_BASE_URL=http://localhost:4500
+
 # The URI used for connecting to the MongoDB database
 MONGO_URI=
 # The URI used for connecting to Redis instance

src/config/passport.config.ts

@@ -1,3 +1,4 @@
+import axios from 'axios'
 import passport from 'passport'
 import { Strategy, ExtractJwt } from 'passport-jwt'
 import { Request, Response, NextFunction } from 'express'
@@ -28,14 +29,34 @@ const BAN_SAFE_ENDPOINTS = [
 
 const fetchEndpoint = (req: Request) => `${req.method} ${req.baseUrl}${req.route.path}`
 
-export const authenticate = (req: Request, res: Response, next: NextFunction) =>
-    passport.authenticate('jwt', { session: false }, async (err, user: User) => {
-        if(err) return res.sendStatus(500)
-        if(!user) return res.sendStatus(401)
-
-        const endpoint = fetchEndpoint(req)
+const fetchUser = async (req: Request, res: Response, next: NextFunction) => new Promise<User>(async (resolve, reject) => {
+    try {
+        if(process.env.AUTH_BASE_URL) {
+            const { authorization } = req.headers,
+                    token = authorization.split(' ')[1],
+                    { data } = await axios.post(process.env.AUTH_BASE_URL, { token }),
+                    user = new User(data)
+    
+            resolve(user)
+        } else {
+            passport.authenticate('jwt', { session: false }, async (err, user: User) => {
+                if(err) return res.sendStatus(500)
+                if(!user) return res.sendStatus(401)
+        
+                resolve(user)
+            })(req, res, next)
+        }
+    } catch(error) {
+        reject(error)
+    }
+})
 
-        const ban = await user.fetchBan()
+export const authenticate = async (req: Request, res: Response, next: NextFunction) => {
+    try {
+        const user = await fetchUser(req, res, next),
+                endpoint = fetchEndpoint(req),
+                ban = await user.fetchBan()
+        
         if(ban && BAN_SAFE_ENDPOINTS.indexOf(endpoint) > -1)
             return handleError('UserBanned', res)
 
@@ -45,6 +66,9 @@ export const authenticate = (req: Request, res: Response, next: NextFunction) =>
         req.user = user
 
         next()
-    })(req, res, next)
+    } catch(error) {
+        handleError(error, res)
+    }
+}
 
 export default passport

src/models/user/index.ts

@@ -1,10 +1,9 @@
 import IUser, { Role, DiscordCredentials } from './defs'
+import StoredUser from '../../schemas/user.schema'
 
 import Ban from './ban'
 import Room from '../room'
 
-import StoredUser from '../../schemas/user.schema'
-
 import StoredBan from '../../schemas/ban.schema'
 import { createPortal } from '../../drivers/portals.driver'